From 9fb2f8e10091415faeb6f8691fa43362d62627e9 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Fri, 30 Jun 2023 10:44:36 +0200 Subject: [PATCH] podman machine start: fix ready service When debugging #17403, the logs of sshd indicates that Podman tried to ssh into the machine too soon as the `core` user has not yet been fully set up: > error: kex_exchange_identification: Connection closed by remote host > fatal: Access denied for user core by PAM account configuration [preauth] @dustymabe found that the we may have to wait for systemd-user sessions to be up. Doing that reduces the flake rate on my M2 machine but does not entirely fix the issue. Since I have seen multiple symptoms of flakiness, I think it does not hurt to add the systemd-user sessions to the dependencies of the ready service and continue investigating. [NO NEW TESTS NEEDED] - once we have a fix out, I want to exercise frequent stop/start in the machine tests but they won't pass now. Signed-off-by: Valentin Rothberg --- pkg/machine/hyperv/machine.go | 1 + pkg/machine/qemu/machine.go | 1 + 2 files changed, 2 insertions(+) diff --git a/pkg/machine/hyperv/machine.go b/pkg/machine/hyperv/machine.go index d93febe3aa..473676a40d 100644 --- a/pkg/machine/hyperv/machine.go +++ b/pkg/machine/hyperv/machine.go @@ -178,6 +178,7 @@ func (m *HyperVMachine) Init(opts machine.InitOptions) (bool, error) { // VSOCK-CONNECT:2 <- shortcut to connect to the hostvm ready := `[Unit] After=remove-moby.service sshd.socket sshd.service +After=systemd-user-sessions.service OnFailure=emergency.target OnFailureJobMode=isolate [Service] diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index e2d9c91e79..783f5cd368 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -334,6 +334,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { ready := `[Unit] Requires=dev-virtio\\x2dports-%s.device After=remove-moby.service sshd.socket sshd.service +After=systemd-user-sessions.service OnFailure=emergency.target OnFailureJobMode=isolate [Service]